Europaisches 
Patentamt 



European 
Patent Office 



RefMPCT/PTO ' 0 ^ JAM 200* 

PCT/IBO 3 / 0 2 8 3 4 
-13; 86. 03 



Bescheinigung Certificate 



Attest! 




Die angehefteten Unterla- The attached documents Les documents fixes a 

gen stimmen mit der are exact copies of the cette attestation sont 

ursprQnglich eingereichten European patent application conformes a la version 

Fassung der auf dem nach- described on the following initialement deposee de 

sten Blatt bezeichneten page, as originally filed. la demande de brevet 

europaischen Patentanmel- europeen specifiee a la 

dung uberein. page suivante. 



Patentanmeldung Nr. Patent application No. Demande de brevet n° 

02078328.8 



PRIORITY 
DOCUMENT 

SUBMITTED OR TRANSMITTED IN 
COMPLIANCE WITH RULE 17.1(a) OR (b) 



Der President des Europaischen Patentamts; 
Im Auftrag 

For the President of the European Patent Office 
Le President de I'Office europeen des brevets 



R C van Dijk 



EPA/EPO/OEB Form 1014.1 - 02.2000 7001014 



BEST AVAILABLE COPY 




Europaisches 



Office europeen 



Anmeldung Nr: 

Application no.: 02078328.8 



Anmeldetag: 
Date of filing: 
Date de d€pot: 



Anmel der/Appl i cant( s)/Demandeur( s) : 

Koninklijke Philips Electronics N.V. 
Groenewoudseweg 1 
5621 BA Eindhoven 
PAYS -B AS 

Bezeicnnung der Erf indung/Title of the i nventi on/Ti tre de V invention: ■ 
(Falls die Bezeichnung der Erfindung nicht angegeben ist, siehe Beschreibung, 
If no title is shown please refer to the description. 
Si aucun titre n'est indiqufi se referer a la description.) 

Data retention of integrated circuit on information carrier 

In Anspruch genommene Prioriat(en) / Priority(ies) claimed /Priories) 
revendiqu<5e(s) . 
Staat/Tag/Aktenzei chen/State/Date/File no./Pays/Date/Nun,ero de depot: 



Internationale Patentklassif ikati on/International Patent Classification/ 
Classification Internationale des brevets: 

G06K19/00 

Am Anmeldetag benannte Vertragstaaten/Contracti ng states designated at date of 
filing/Etats contractants designees lors du depdt: 

AT BE BG GH CY CZ DE DK EE ES FI FR GB GR IE IT LI LU MC NL PT SE SK TR 



02078328.8 

EPVEPO/OEB Form 1014.2 - 01.2000 7001014 



2 



PHNL020629EPP 




08.07.2002 



Data retention of integrated circuit on information carrier 

EPO-DG1 
ML 07. 2002 




The invention relates to an information carrier comprising an information area 
for storing information, and an integrated circuit comprising a storage unit for storing 
additional information. The invention also relates to a method for restoring the additional 
information. The invention also relates to an apparatus and to an integrated circuit. 



An information carrier of the type described in the opening paragraph is 
known, inter alia, from patent application WO 02/173 16 (= PH-NL010233). This patent 
application discloses an integrated circuit present on an information carrier comprising a 
10 light-sensitive sensor. Via this sensor the integrated circuit can be powered. Patent 

application WO 02/25582 (= PH-NL000525) discloses another information carrier of the type 
described in the opening paragraph. The integrated circuit present on this information carrier 
can be read out via capacitive coupling. The text of these two patent applications is hereby 
enclosed by reference. 

1 5 Recently, it has been proposed to equip optical information carriers, like for 

example CD-ROM discs or DVD-Video discs, with an integrated circuit. The integrated 
circuit can be used for storing all kinds of information, for example information related to the 
actual content stored on the information carrier, but also access information. This access 
information can comprise keys for encrypting and decrypting the information stored or 

20 Digital Rights Management (DRM) information, i.e. information for controlling the type of 
access to the information, like read-only, copy-only-once, etc. Use of an integrated circuit on 
an information carrier appears to be a robust method of copy protection, because the 
information present in the integrated circuit is secret and cannot be easily accessed. 

As the integrated circuit present on these information carriers have to be able 

25 to hold and/or store information, it comprises, besides means for receiving and transmitting 
information, a storage unit. This storage unit may be magnetically readable and/or 
programmable. An example of such a storage unit is a hard disc. This storage unit may also 
be electrically readable and/or programmable. Examples of this are non-volatile memories 
such as EEPROM, Flash, MRAM or FERAM. These memories are all multiple times 
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rewritable. Detailed information on these so-called non-volatile memories can be found in 
Nonvolatile semiconductor memories, technologies, design, and applications", Chenmmg 
HU (ed.), 1991, ISBN 0-87942-269-6. 

In general, most storage units suffer from data degradation and/or data loss. 

which the reliability and/or correctness of data stored in the storage unit is guaranteed. For a 
non-volatile memory such as an EEPROM (an electrically erasable programmable read only 
memory that is inexpensive and needs no backup battery), the data retention time is specified 
for approximately lOyears.The data ration time for an EEPROM is not indefinite as, over 
time charge tends to leak ftom the floating gates of some of the memory devicos of the 
EEPROM. This leakage can, over time, lead to incorrect information or to a complete loss of 
information- 

The inventors have realized that it is desirable to prevent this loss of 
information. If this information is degenerated or lost, it is possible that the information 

information is key information or DRM information. It is important to avert this, as it would 
lead to unjustly restricting foe usage rights of the user or buyer of the information earner 
concerned. 



20 ... 

It is an object of the invention to realize an information carrier comprising an 

integrated circuit, for which the loss of information stored in the integrated circuit, due to 

natural deterioration of the memory type used or due to any other cause, canbeovercome.lt 

is a further obj ect to realize a method for restoring the additional information. It is a further 

^^^ectjo ^^ 

integrated circuit for use in the information carrier. 

According to the invention, the integrated circuit present on the information 
carrier further comprises a one time pro grammable memory comprising a resurrection key, 
the one time programmable memory having a substantially larger data retention time than the 
30 storage unit. By equipping the integrated circuit with a one time programmable memory 
having a substantially larger data retention time than the storage unit and by storing a 
resurrection key in this memory.it becomes possible to restore lost or deteriorated addxtional 
information, because the resurrection key can be used for recovering the additional 
information stored in the storage unit. The information carrier according to the invention thus 
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has the advantage that the information stored remains useable, even after the time when the 
additional information stored in the storage unit is degenerated or lost 

The invention is based on the following recognition. Nowadays, most 
information carriers available are of such a high quality with regard to durability, that if such 
information carriers are equipped with storage units having a limited data retention time, it is 
not just imaginary that the information stored on such an information carrier "survives" this 
storage unit, i.e. the additional information present in the storage unit is lost or is degenerated 
before the value of the information stored on the information carrier is lost. The data 
retention time of a non-volatile memory like an EEPROM is specified for approximately 10 
years. For an information carrier with an integrated circuit comprising such an EEPROM this 
implies that the integrity of the keys and the updateable rights stored in the EEPROM are not 
guaranteed after that time. The inventors have recognized that this effect is detrimental to the 
use of such information carriers. 

In an advantageous embodiment of the information carrier according to the 
invention, the one time programmable memory further comprises information related to the 
expiration date of the information stored or to be stored in the information area. This has as 
an advantage that with this information it is possible to more accurately deterrnine the way 
the additional information is lost or has been degenerated. 

In a further advantageous embodiment of the information carrier according to. 
the invention, the information carrier further comprises a disc key. Preferably, the 
resurrection key is encrypted with the disc key. Preferably, the expiration date is encrypted 
with the disc key. Using the disc key, the resurrection key and the expiration date can be 
protected against illegal access, as only compliant players are intended to be able to read out 
this key. 

In a further advantageous embodiment of the information carrier according to 
the invention, the disc key is a unique disc key that is derived from an identifier of the 
integrated circuit. Preferable, the one time programmable memory further comprises the 
identifier. By deriving the disc key also from an identifier of the integrated circuit, for 
example a unique number stored in the integrated circuit, it is possible to strengthen the copy 
protection or information access system. The identifier can already be stored in the integrated 
circuit during production of the circuit, due to which changing of removing the identifier 
becomes almost impossible. 

In a further advantageous embodiment of the information carrier according to 
the invention, the one time programmable memory is realized in fuse-logic. A fuse-logic one 
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time programmable memory has as an advantage that it has an almost indefinite retention- 



time 



20 



In a further advantageous embodiment of the information earner according to 
the invention, the storage unit is an EEPROM having a data retention time of approximately 
10 yenrs. This information carrier according to the invention has as an advantage that the 
storage nnit used on tire integrated circuit present on the information carrier can be made 
thinner, as the thickness of the isolator layer in the storage unit, for example a silicon-oxrde 
layer can be decreased. Although this will increase the change that the electrons trapped » 
tire floating gated of the EEPROM cell will flow away and will thus decrease the data 
retention time of the memory, the information lost can be restored using me resurrection key. 
TMsinfornumoncamer according to the invention thus has as a further advantage that 
sto^eumtewithadecreasedretentiontimecanbe used. These kinds of storage units can 
generally be produced faster and cheaper than storage unit with a larger retention time. For 
example, the so-called Mifere Ultra Light EEPROM is produced by skipping certam steps m 
the IC process and by not performing extensive testing. 

In a further advantageous embodiment of the information carrier accordmg to 
the invention, the integrated circuit is contactlessly readable. 

The invention further relates to a method for restoring the additional 
information stored in the storage unit present on the integrated circuit of the information 
carrier according to the invention The invention further relates to an apparatus for 
forming the method according to the invention. The invention further relates to an 
integrated circuit for use in the information carrier according to the invention. 



These and other aspects of the inve ntion are apparent from and will be 



elucidated with reference to the embodiments described hereinafter, and with reference to the 
accompanying drawings, of which: 

Fig. 1 shows diagrammatically an embodiment of the information earner 

according to the invention, 

Fig. 2 shows the use of the embodiment of the information carrier according to 



30 



the invention as shown in Fig. 1 , 

Fig. 3 shows a first embodiment of the method for restoring the additional 
information present on the integrated ekemt of the irformation carrier according to the 
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Fig. 4 shows a flowchart accompanying this first embodiment, 
Fig. 5 shows a second embodiment of the method for restoring the additional 

information present on the integrated circuit of the information carrier according to the 

invention, 

Fig. 6 shows a third embodiment of the method for restoring the additional 
information present on the integrated circuit of the information carrier according to the 
invention, 

Fig. 7 shows a fourth embodiment of the method for restoring the additional 
information present on the integrated circuit of the information carrier according to the 
invention. 

Corresponding elements in the different Figures have identical reference 

numerals. 



Figure 1 shows diagrammatically an embodiment of the information carrier 
according to the invention. An information carrier 1, for example a CD- Audio disc, has an 
information area 2 for storing information and an integrated circuit 3. It is schematically 
indicated that the integrated circuit 3 has a storage unit 4 for storing additional information, 
like for example an Asset Key (A K ) or Asset Keys (Ars) and Rights information, and a one 
time programmable (OTP) memory 5. 

An Asset Key is a key that is used for encrypting a certain asset with, for 
example a certain track of a CD- Audio disc. Each track of this disc can have its own Asset 
Key. However, an Asset Key can also be used for encrypting a number of tracks or for 
encrypting the complete contents of the disc. When these Asset Keys are used for controlling 
access to the information stored on an information carrier, they must be encrypted in order to 
prevent illegal access to the information. To this end they can be encrypted with a disc key 
(see Figures 3,4 and 5 and the accompanying description for an example of such a disc key). 

Rights information is so-called Digital Rights Management (DRM) 
information, information related to the way the information stored in the information area, 
the actual data, is allowed to be used. This DRM information is known to the skilled person, 
and can for example indicated to the number of times the information may be copied or 
played back. This DRM information is updateable, for example when the information is 
copied one time, the DRM information indicating the number of times the information may 
be copied must be amended in that it is decreased by one. 
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The storage unit circuit can for example be an EEPROM or flash EEPROM. 
An EEPROM is an electrically erasable programmable read only memory, which is erasable 
byte by byte, in contrast to a flash EEPROM, which is an EEPROM that cannot be erased by 
bytes but can be erased by the entire chip or large sections ihereof. Detailed information on 
EEPROM and flash EEPROM can be found in the already mentioned "Nonvolatile 
semiconductor memories, technologies, design, and applications". 

The memory arrays of these memories are constructed of a large plurality of 
floating-gate metal-oxide-silicon field effect transistor devices arranged as memory cells in 
typical row and column fashion with circuitry for accessing individual cells and placing the 
memory transistors of those cells in different memory conditions. Such memory transistors 
may be programmed by storing a charge on the floating gate. This charge remains when 
power is removed from the array. The charge level may be detected by interrogating the 
devices EEPROM devices in memory arrays can store one (single-bit cell) or more (mulu-brt 
celi) bits per device. Over time, charge tends to leak from the floating gates of some of the 
memory devices. This can result in an incorrect value. The change of this is even increased if 
anumber of different charge levels are stored in one device as me differences between charge 
levels which indicate the different data values stored by the cell are much smaller when a 
number of levels are stored. 

An OTP memory is a memory with a large retention time, at least large 
compared to the retention time of the storage unit also present on the integrated circuit In an 
OTP memory oata can only be stored o^ 

UVtransparentwindowsinthepackages, which can than also be called PROMs. Detailed 
information on OTP memories can be found in "A new programmable cell utilizing insulator 
breakdown",Sato,Nawata,Wada,IEDMTech.Dig.,pp. 639-643, 1985 (Paper2.7of 
"Mnnvolatiltt ^conductor m emories, technologies, des ign, and ap plications"). Also afuse- 
logic OTP memory can be used. Programming such a memory required the removal of 
significant amounts of materials by evaporation. 

In this OTP memory 5 a Unique Chip Identifier (IDuc)» a resurrection key Rk 
and the expiration date D E xp of the information stored or to be stored in the information area 
30 2 is stored A Unique Chip Identifier is an unique number associated with the integrated 

circuit present on the information carrier, which can normally not be amended or deleted and 
can be used for identification purposes, but can also be used in copy protection or access 
protection schemes. This Unique Chip Identifier can be stored "in the clear" and is than 
accessible without the knowledge of encryption keys or the like. 
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As said before, this resurrection key R K is used to restore the lost or 
deteriorated additional information of the storage unit 4. In a preferred embodiment, the 
expiration date Dexp is also used in the restoration of this additional information. The 
working of Rk and Dexp will be elucidated in embodiments of the method according to the 
5 invention, which are described below. 

In this embodiment of the information carrier according to the invention, the 
information stored in the information area 2 of the information carrier 1 is encrypted with 
Asset Key A K stored in the storage unit 4 of the integrated circuit 3. It should be noted that 
the terms encryption and decryption of information are also understood to mean scrambling 
10 and descrambling. In fact, it is evident to those skilled in the art that there is no fundamental 
difference between scramling/descrambling and encrypting/decrypting information. 

Figure 2 shows the use of the information carrier of Figure 1 . In Figure 2 the 
information carrier 1 of Figure 1 is read out by a player 6. This player can be any kind of 
player for playing information carriers, like for example the well-known CD-Audio player or 
1 5 the DVD-Video player. The working and functioning of such players is known to the person 
skilled in the art. This player 6 is modified, compared to the known players, in that it 
comprises a security module 7, capable of reading out the information present in the storage 
unit 4 and the information present in the OTP memory 5. 

Using the additional information, A K / Aks, Rights, present in the storage unit 
20 4, the data stored in the information area 2 of the information carrier 1 is protected against 
illegal use. The data, E A k(DATA), is encrypted with Asset Key A K . The security module 7 
reads out the Asset Key A K from the storage unit on the integrated circuit and sends this key 
to the decryption module 8 in which the encrypted data EAK(data) is decrypted to result data 
which can be further processed in or outside the player 6. 
25 In the case the additional information can not be reliable read out by the 

security module 7, the R K can be used for restoring this additional information. This can for 
example be accomplished by connecting to the Internet over a so-called Secure Authenticated 
Channel (SAC) 9. This can also be accomplished by connecting to a content provider. This 
can also be performed in a shop in which the additional information is restored using the R K . 
30 In the case the integrated circuit is capable of producing sufficient processing power, 

additional security can be achieved by applying a so-called Secure Authenticated Channel 
(SAC) 10 between the integrated circuit 3 and the security module 7 in the player 6. This will 
be further explained with reference to Figure 6. 
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Different embodiments of the use of the information carrier of Figure 1 as 
shown in Figure 2 will now be discussed and explained with reference to Figures 3 to 6. In 
every embodiment shown in these Figures, the resurrection key Rk is used for restoring the 
Asset Keys and the Rights via Internet, a content provider or any other possible trusted third 
5 party. This resurrection Rk can comprise a unique number which can be used by a Trusted 
Third Party (TTP) when reading out the additional information and/or checking me integrity 
of this additional information. It is also possible that the resurrection Rk comprises an 
encryption/decryption key, a certificate or any other information that can be used by the TTP. 

Fig. 3 shows a first embodiment of the method for restoring the additional 
10 information present on the integrated circuit of the information carrier according to the 

invention. Figure 4 shows a flowchart accompanying this embodiment. In this embodiment 
the storage unit present on the integrated circuit 3 is a non-volatile memory, in particular an 
EEPROM 4. In this embodiment the additional information stored in the EEPROM has been 
lost and this information is restored via a provider. 
! 5 The Asset Keys A K and the Rights are encrypted by a disc key CIDJcey. The 

encrypted Asset Keys and Rights, Ecidj^Ak, Rights), are stored in the EEPROM 4. The 
CID_key is derived by hashing the Unique Chip Identifier IDuc with a Hidden Channel Key 
HCkey. However, it is also possible that the CIDkey is derived by decrypting the IDuc 
(when IDuc is encrypted with the HC_key) with the HCkey or that the CID_key is derived 
20 by decrypting the HC_key ID UC (when HCjcey is encrypted with the IDuc) with the IDuc In 
contrast to IDuc, this Hidden Channel Key is not allowed to be present in the clear, but can 
only be read out by a compliant player 6. This Hidden Channel Key can for example be the 
Hidden Channel Key as described in WO02/15185 (= PH-NL000451). The Resurrection Key 
R K is also encrypted with the CIDJcey and the thus encrypted Resurrection Key, 
25 EcuWRk), is stored ' m QTP memory 5 ' preferably m fase - logic - As mentioned before, this 
type of memory has a much longer retention time compared to EEPROM. 

Information stored or to be stored in the storage unit 4 and the OTP memory 5 
can be transferred between the player 6 and the integrated circuit 3 in different ways. In this 
embodiment the data transfer from the security module in the player to the integrated circuit 
30 is done via an optical link (opt), for example comprising a LED/photodiode, and the data 
transfer from the integrated circuit to the security module in the player is done via a radio 
frequency link (rf), for example a radio transmitter/receiver combination. Information on 
these links can be found in WO 02/17316 (= PH-NL010233). 
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In the security module 7 the content of the EEPROM 4 is analyzed. This will 
be explained with reference to Figure 4. First, the EEPROM data, the additional information 
is read from the EEPROM in step 1 1 . In step 12, the security module 7 checks whether the 
EEPROM data, Ak, Rights, has been degenerated. If the EEPROM data has not been lost or 
degenerated, the information of the disc is read out by decrypting the EAic(data) with the read 
out Asset Key A K . in step 13. If the EEPROM data has been lost or degenerated, the security 
module 7 checks whether the EEPROM data, Ak, Rights, has been "naturally" degenerated, 
in step 14. There are different ways to check whether the data has been naturally degenerated. 
For example, it is possible to detect the number of errors in a certain block and calculate the 
error rate. If this number exceeds a certain predefined number, it can be decided that the 
degeneration has not been the result of natural degeneration. Patent application WO96/20443 
describes different embodiment of performing such a check. It is also possible to check 
whether the number of errors in the data exceeds the error correction capacity of the data. It 
can be decided that if this is the case, the degeneration is not due to natural degeneration. 

In a preferred embodiment of this natural degeneration check, the OTP 
memory also comprises information related to the expiration date Dbxp of the information 
stored or to be stored in the information area. Using this expiration date, it is possible to 
perform a more accurate detection of the way of degeneration of the EEPROM data. It is 
important to distinguish between natural and non-natural degeneration, because non-natural 
degeneration can be the result of attempts to illegally get access to the information stored in 
the information area of the information carrier by trying to delete the EEPROM data. By 
checking specific tamper profiles the security module 7 can detect non-natural degeneration 
(fraud) and block access to the information forever. 

In a preferred embodiment, the degeneration of the EEPROM data is detected 
in the integrated circuit 3 itself by checking the pattern of 'natural' data degeneration. This 
has as an advantage mat information relating to the checking of the pattern a degeneration 
does not have to be outsourced to the security module 7 of the player 6. This will reduce the 
possibilities of "eavesdropping" of this information. Further, as the check is performed in the 
integrated circuit itself, it is hampered that external signals can influence this check. In to be 
able to perform this check in the integrated circuit, the integrated circuit must be able to 
produce sufficient processing power. 

If it is detected in step 14 that the errors in the data or the loss of the data has 
been the result of natural degeneration, the resurrection key R K combined with the disc key 
CID_key can be used to restore the keys and the rights for example via the Internet or via a 
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provider of atrusted party ("shop") by using a SAC, step 15. In apreferred embodiment, the 
availability of A K and the rights supplied by the content provider should be coupled to the 
expected EEPROM expiration date Dexp. This has as an advantage that replay attacks are 
prevented. If it is detected in step 1 4 that the errors in the data or the loss of the data has not 
been the result of natural degeneration, decrypting of the information present on the disc is 

prevented, in step 16. 

Figure 5 shows a second embodiment of the method for restoring the 
additional information present on the integrated circuit of the information carrier according to 
the invention. In this embodiment, the Rights are made ever lasting via the provider after the 
expiration date has passed, despite the condition of the EEPROM data. This embodiment is 
based on the understanding that the actuality or lifetime information stored in the information 
area of the information carrier is limited. As an example, a software release is substituted by 
new updates and certain music is not popular anymore after a certain time. The rights 
management architecture checks if the disc content has been expired. After expiration the 
copy protection mechanism is bypassed by getting everlasting, or amended rights from the 
provider. Passing the expiration date will trigger the connection to the provider via for 
example Internet. In a variant of this embodiment, the expiration date Dexp of the information 
is stored in OTP memory in the integrated circuit. In stead of storing the expiration date, it is 
also possible to use the production date of the information carrier. A certam predefined time 
after the production date, the Rights can thence made everlasting or canbe amended. It is 
"also possible to use multiple dates, for enabling gradually amending Hie Rights, for example 
after the first date the Rights are amended to copy-one, and after the second date the Rights 
are amended to unlimited rights. It is also possible to use this expiration date(s) for restricting 
the use after a certain time, for example in the case of an information carrier comprising a 
demo of a certain software program. 
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Figure 6 shows a third embodiment of the method for restoring the additional 
information present on Ihe integrated circuit of the information carrier according to the 
invention. This embodiment differs from the second embodiment in that the Rights are 
amended or made everlasting after the expiration date without the intervention of or 
connection to the provider. In the player 6, it is checked whether the disc content has been 
expired. This is performed by comparing the actual date D ACT with the expiration date Dexp- 
If the actual date D ACT is after the expiration date Dexp, the additional information is 
amended in that 'ever-lasting-rights' are stored into the storage unit 4. In order to increase the 
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security, the comparison whether the actual date D ACr is after the expiration date Dexp can 
also be performed inside the security module 7. 

Figure 7 shows a fourth embodiment of the method for restoring the additional 
information present on the integrated circuit of the information carrier according to the 
invention. This embodiment differs from the third embodiment in that the transfer of data 
between the integrated circuit 3 and the security module 7 of the player 6 takes places over a 
Secure Authenticated Channel (SAC) 10. Such a SAC can for example be based upon public 
key cryptography. By implementing a SACbetween the security module 7 and the integrated 
circuit 3 possible attacks on the channel between the security module and the integrated 
circuit can be blocked. An additional feature of a SAC protocol is that illegally produced or 
cloned discs can be revoked in a thorough way. In the SAC protocol certificates can be 
distributed by a Trusted Third Party (TTP) that identifies uniquely every disc or groups of 
discs. The SAC protocol checks by means of the ID UC whether the disc is illegal or not. As a 
result, all cloned discs and its original one(s) can be revoked. The revocation list ("black- 
list") can be distributed via legal discs to the player/recorder module or through (super) 
distribution or whenever rights are attained. The EEPROM 4 can further comprise keys 
relevant to the set-up of the SAC. To be able to revoke a disc, the player 6 verifies whether 
the IDuc is present on the revocation list. The asset-keys and the rights will be communicated 
over the SAC the security module. In the same way as in the third embodiment, the player 6 
checks whether the disc content has been expired by comparing the actual date D A cr with the 
expiration date Dexp. If the actual date D ACT is after the expiration date Dexp, the additional 
information is amended in that 'ever-lasting-rights' are stored into the storage unit 4. 

The invention claimed is not limited to a particular kind of information carrier 
comprising an integrated circuit. All kinds of information carriers can be used, like, for 
example, a CD-ROM disc, a DVD-Video disc, a DVD+RW disc a Blu-Ray disc, or a Mini 
Disc, but also non-optical information carriers, like, for example, a hard disc or a magnetical 
tape. The invention is also not limited to a particular kind of connection method between the 
integrated circuit and the security module present in the player (or recorder). Although in the 
embodiments an optical/radio frequency connection method is used (in which an optical 
connection is used for communication from the security module in the player to the 
integrated circuit, and in which an RF connection is used for communication from the 
integrated circuit to the security module in the player), it is for example also possible to use 
an inductive coupling method using for example the well-known MIFARE contactless 
interface system (standardized in ISO/IEC 14443 for contact-less cards). It is also possible to 
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use a capacitive coupling, for example the already mentioned capacitive coupling as 
described in patent application WO 02/255 82 (= PH-NL000525). It is further possible to use 
for both connections (integrated circuit towards security module and security module to 
integrated circuit) KF coupling, for example using the so-called Meu chip, developed by 
Hitachi. The invention is also not limited to a particular kind of storage unit or to a particular 

kind of OTP memory. 

It must further be noted that the term "comprises/comprising" when used in 
this specification, including the claims, is taken to specify the presence of stated features, 
integers, steps or components, but does not exclude the presence or addition of one or more 
olher features, integers, steps, components or groups thereof. It must also be noted that the 
word "a" or "an" preceding an element in a claim does not exclude the presence of aplurality 
of such elements. Moreover, any reference signs do not limit the scope of the claims; the 
invention can be implemented by means of both hardware and software, and several "means- 
may be represented by the same item of hardware. Furthermore, the invention resides in each 
and every novel feature or combination of features. 
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CLAIMS: 
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l. 



Information carrier comprising an information area for storing information, 



and an integrated circuit comprising a storage unit for storing additional information (A K , 
Rights), the integrated circuit further comprising a one time programmable memory 
comprising a resurrection key (R K ), the one time programmable memory having a 
5 substantially larger data retention time man the storage unit. 

2. Information carrier according to claim 1 , wherein the one time programmable 
memory further comprises information related to the expiration date (D E xp) of the 
information stored or to be stored in the information area. 

10 

3 . Information carrier according to claim 1 or 2, wherein Hie information carrier 
further comprises a disc key (CIDJcey). 



15 



4. Information carrier according to claim 3, wherein the resurrection key (Rk) is 

encrypted with the disc key (CBD_key). 



5, Information carrier according to claim 3 , wherein the expiration date (Dexp) is 

encrypted with the disc key (CID_key). 



20 



6. Information carrier according to any one of the claims 3 to 4, wherein the disc 

key (CID_key) is a unique disc key that is derived from an identifier (IDuc) of the integrated 
circuit. 



25 



7. Information carrier according to claim 6, wherein the one time programmable 

memory further comprises the identifier (IDUC). 



8. Information carrier according to any one of the claims 1 to 7, wherein the one 

time programmable memory is realized in fuse-logic. 
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9. Information carrier according to any one of the claims 1 to 8 ., wherein the 
storage unit is an EEPROM having a data retention time of approximately 10 years. 

1 0. Information carrier according to any one of the claims 1 to 9, wherein the 
5 integrated circuit is contactlessly readable. 

1 1 . Method for restoring the additional information (Ar, Rights) stored in the 
storage unit present on the integrated circuit of the information carrier of any one of the claim 
1 to 10, which method comprises the following steps, 

reading out the additional information stored in the storage unit, 
checking the integrity of the additional information, 
and if the integrity of the additional information is insufficient, 

reading out the resurrection key (Rr) stored in the one time programmable 
memory and restoring the additional information using the resurrection key. 

12. Method according to claims 1 1, wherein, if the integrity of the additional 
information is insufficient, the method further comprises the step of checking whether the 
additional information has degenerated in a natural way, and wherein the step of reading out 
the resurrection key (R K ) stored in the one time programmable memory and restoring the 
additional information using the resurrection key (Rk) is only performed if the additional 
information has degenerated in a natural way. 

13. Method according to claim 1 1 or 12, wherein the step of the restoring the 
additional information using the resurrection key is performed by a Trusted Third Party 

2 5 ( intent prnvifter ) or via the Internet Qver_aJS_e_cure^u1to 

14. Method according to any one of the claims 1 1 to 1 3, wherein the expiration 
date (Dexp) is used in the step of checking whether the additional information has 
degenerated in a natural way. 

30 

15. An apparatus for performing the method according to any one of the claims 1 1 
to 14, comprising a security module comprising 

means for reading out the additional information (Ak, Rights) stored in the 
storage unit, 
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means for checking the integrity of the additional information, 
means for reading out the resurrection key (Rr) stored in the one time 
programmable memory and restoring the additional information using the 
resurrection key if the integrity of the additional information is insufficient. 

16. An integrated circuit for use in the information carrier according to any one of 

the claims 1 to 10, the integrated circuit comprising a storage unit for storing additional 
information (Ak, Rights), and one time programmable memory comprising a resurrection key 
(Rk). 
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The invention relates to an information carrier 1 comprising an information 
area 2 for storing information, and an integrated circuit 3 comprising a storage unit 4 for 
storing additional information A K and Rights. The integrated circuit further comprises a one 
time programmable memory 5 comprising a resurrection key Rk, the one time programmable 
memory having a substantially larger data retention time than the storage unit. In the case the 
additional information present in the storage unit is lost or has become degenerated, it is 
possible to restore this information using the resurrection key present in the one time 
programmable memory. 



Fig. 3 
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